package org.geeks.gsspringsecurity.biz.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class HelloController {

	/**
	 * Without permission
	 * 
	 * @return msg
	 */
	@GetMapping("hi-0")
	public String hi0() {
		return "Hi, 0 !";
	}

	/**
	 * With permission
	 * 
	 * @return msg
	 */
	@GetMapping("hi-1")
	// TODO @Secured("ROLE_USER")
	@PreAuthorize("hasAuthority('hi-1')")
	public String hi1() {
		return "Hi, 1 !";
	}

	/**
	 * With permission
	 * 
	 * @return msg
	 */
	@GetMapping("hi-2")
	@PreAuthorize("hasAuthority('hi-2')")
	public String hi2() {
		return "Hi, 2 !";
	}
}
